<?php 
session_start();
$msg_error = '';
if(!empty($_SESSION['login'])){
	header("location:index.php");
}
elseif(isset($_POST['submit'])){
	
	$racine = simplexml_load_file('droits.xml');
	$xpath = "/rights/user[login='".$_POST['login']."'][password='".$_POST['password']."']";
	$element = $racine->xpath($xpath);
	
	if(!empty($element))
	{	
		$_SESSION['login'] = $_POST['login'];
		$_SESSION['password'] = $_POST['password'];
		$_SESSION['permission'] = (string)$element[0]->permission;
		header("location:index.php");
	}
	else{
		$msg_error = "Login ou Password invalide.";
	}
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
		<title>Login - Projet XML</title>
		<link href="libs/bootstrap/css/bootstrap.min.css" rel="stylesheet" media="screen">
		<link href="css/style.css" rel="stylesheet" media="screen">
	</head>
	<body>
		<div id="document">
			<div id="login">
				<h1>Projet XML</h1>
				<h4>Connectez-vous</h4>
							
				<form action="login.php" method="post" class="form">
					<?php
					if("" != $msg_error){
						?>
						<div class="control-group">
							<div class="controls" id="msg_error">
								<?php echo $msg_error;?>
							</div>
						</div>
						<?php
					}
					?>		
					<div class="control-group">
						
						<div class="controls">
							<input type="text" name="login" id="login" placeholder="Login">
						</div>
					</div>
					<div class="control-group">
						
						<div class="controls">
							<input type="password" name="password" id="password" placeholder="Password">
						</div>
					</div>
					<div class="control-group">
						<div class="controls">
							<button name="submit" id="submit" type="submit" class="btn">Se connecter</button>
						</div>
					</div>
				</form>
			</div>
		</div>
	</body>
</html>